8ec63ee7df46ff1cbb46143d7b17114c3753cac48456031d65114a722d8d4e1f

Sharing

Copy URL Twitter E-mail

General

Target

8ec63ee7df46ff1cbb46143d7b17114c3753cac48456031d65114a722d8d4e1f
Size

187KB
MD5

9399f568d61a5a96e912e5f541a90397
SHA1

7134a733c54c58cd5cb990b10a4408cc443b19f1
SHA256

8ec63ee7df46ff1cbb46143d7b17114c3753cac48456031d65114a722d8d4e1f
SHA512

4b3147beef133aa17ed781bbad5cba909a5e96405c8d180c48a50cb5e8c00b0fa79e1bc11009fbd00b607ee7f35c7689358fe82037f3c80344be4d399dbe644a
SSDEEP

3072:cXsUO9bS3bkzNp/W3NdjOlG+w6Az4h493QtgQJQIh8iAAG2uVE+JXE9f:q0b4oBp/MNZOlG+hAz4qpQtgYIiAzdVR

Score

N/A

Malware Config

Signatures

Files

8ec63ee7df46ff1cbb46143d7b17114c3753cac48456031d65114a722d8d4e1f
.exe windows x86

c3806899df1d1398fe94f3d56b07d7f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
InitializeCriticalSection
SetCurrentDirectoryA
OpenSemaphoreA
LocalFree
MoveFileW
GetLocalTime
GetVolumeInformationW
DeleteAtom
GetExpandedNameA
QueryPerformanceCounter
SetLocaleInfoA
AddAtomW
SetThreadPriority
GetWindowsDirectoryW
OpenEventA
ReadDirectoryChangesW
GetHandleInformation
GetCalendarInfoA
GetProcAddress
SetCalendarInfoA
EnumCalendarInfoW
OpenWaitableTimerA
GetVersion
QueryPerformanceFrequency
GetLongPathNameW
SetUnhandledExceptionFilter
Sleep
GetCurrentThread
CreateMutexA
Beep
OpenEventW
CompareStringA
IsBadWritePtr
GetPriorityClass
GetTimeFormatW
GetShortPathNameW
GetEnvironmentVariableA
IsDebuggerPresent
GetComputerNameA
GetFileAttributesA
GetSystemDirectoryA
GetFileTime
GetModuleHandleA
BeginUpdateResourceW

user32

GetClassInfoExA
RegisterWindowMessageA
AppendMenuW
GetSysColorBrush
PeekMessageW
CheckRadioButton
SetMenu
GetMenuState
MoveWindow
CharNextW
ShowCaret
EnumDesktopsA
EnumDesktopsA
OpenClipboard
DefWindowProcA
IsChild
DefFrameProcA
FlashWindow
wvsprintfW
DefDlgProcW
SetDlgItemTextW
GetDesktopWindow
SetWindowRgn
SetWindowTextA
InsertMenuItemW
GetMenuStringA
LoadIconW
GetMessageA
CreateDesktopA
GetClassInfoExW
CreateWindowExW
CallWindowProcW
GetClassInfoA
GetDlgItemTextW
MonitorFromPoint
MonitorFromWindow
BringWindowToTop
GetClassInfoW
MonitorFromRect
CheckDlgButton
InsertMenuA
GetDlgItemTextA
SetDlgItemInt
InvalidateRgn
GetMenu
GetActiveWindow
MessageBoxIndirectW
DrawTextA
CheckMenuRadioItem
ClientToScreen
PostMessageW

gdi32

EnumEnhMetaFile
SetMapMode
CloseMetaFile
GetEnhMetaFileW
GdiGetBatchLimit
GetCharWidthFloatA
RoundRect
EnumFontFamiliesExA
GetRgnBox
SetTextColor
ExtTextOutW
EndPage
ScaleViewportExtEx
AngleArc
CreateBitmapIndirect
PolyBezierTo
GetBitmapBits
GetTextExtentExPointI
SetGraphicsMode

advapi32

RegQueryMultipleValuesW
RegEnumValueW
RegFlushKey
CryptSetProviderW
RegEnumValueA
RegEnumKeyA
RegSetValueW
RegSaveKeyA
RegSetValueA
RegQueryValueA
RegReplaceKeyW
RegEnumKeyExA

shell32

StrRStrIA
FreeIconList
StrRChrIA
ExtractIconExW
SHGetFolderPathW
StrNCmpA

comctl32

DrawStatusTextA
DllGetVersion
ImageList_Destroy
ImageList_SetFilter
LBItemFromPt
FlatSB_EnableScrollBar
DrawStatusText

oleaut32

GetRecordInfoFromTypeInfo
VarUI2FromR8
VarBoolFromUI1
OaBuildVersion
VarR4CmpR8
VariantCopy
VarUI8FromUI2
VarUI4FromStr

version

GetFileVersionInfoSizeW
VerInstallFileA

ws2_32

WSAEnumProtocolsA
WSASend
accept
WSAGetLastError
sendto
WSACloseEvent
listen
getservbyport
select

wininet

CreateUrlCacheEntryA
RunOnceUrlCache
IsHostInProxyBypassList
InternetSetCookieExA
InternetGetCookieExW
SetUrlCacheEntryGroupA
InternetFindNextFileA
InternetSetPerSiteCookieDecisionW
InternetReadFile
FindFirstUrlCacheEntryExA
SetUrlCacheHeaderData

urlmon

HlinkNavigateMoniker

winspool.drv

ConvertAnsiDevModeToUnicodeDevmode
SetFormA
DeleteMonitorW
PrinterProperties
DeletePrintProcessorA
AddPrinterConnectionA
AddPortA
DeletePrinterConnectionW

crypt32

I_CryptRemoveLruEntry
CertFindCTLInStore
CertIsRDNAttrsInCertificateName
CryptRegisterOIDInfo
I_CryptInstallAsn1Module
CryptEnumProvidersU
CertControlStore
I_CryptDetachTls

Sections

.LLgE
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.SLjFv
Size: 1KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WBV
Size: 2KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.b
Size: 120KB - Virtual size: 237KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3806899df1d1398fe94f3d56b07d7f1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

oleaut32

version

ws2_32

wininet

urlmon

winspool.drv

crypt32

Sections

.LLgE Size: 16KB - Virtual size: 15KB

.SLjFv Size: 1KB - Virtual size: 21KB

.rdata Size: 5KB - Virtual size: 5KB

.WBV Size: 2KB - Virtual size: 18KB

.data Size: 6KB - Virtual size: 7KB

.b Size: 120KB - Virtual size: 237KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 512B - Virtual size: 28KB

.LLgE
Size: 16KB - Virtual size: 15KB

.SLjFv
Size: 1KB - Virtual size: 21KB

.rdata
Size: 5KB - Virtual size: 5KB

.WBV
Size: 2KB - Virtual size: 18KB

.data
Size: 6KB - Virtual size: 7KB

.b
Size: 120KB - Virtual size: 237KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 512B - Virtual size: 28KB